We break down the timeline of the number one threat to ecommerce sites today – Magecart! This timeline includes all the significant Magecart attacks in 2019. With 4,800 formjacking attacks each month alone, this timeline only represents a small proportion of attacks reported in the public domain in 2019. Detect Web-skimming, Formjacking, and Supply Chain attacks before a Data Breach occurs with Magecart detection.
During research into Magecart attacks, I recently uncovered malicious code from two hacking groups attempting to steal credit card information on the European e-commerce websites for the science-backed skincare brand Perricone MD (affecting perriconemd.co.uk, perriconemd.it and perriconemd.de). Founded by U.S. celebrity dermatologist Nicholas Perricone, the company generated sales of $86 million in 2014 and are looking to fetch more than $200 million in a rumoured upcoming sale.
Holiday shopping is in full swing and cybercriminals are preparing their campaigns to maximise their profits this season. Here’s the latest news on Magecart and other website attacks, with insights from our own Security Researcher!
With Black Friday weekend coming up, ecommerce sites are preparing for a huge increase in traffic. If you haven’t made any changes yet, fear not, there’s still time! We’ve compiled a Black Friday last-minute checklist so you can prepare your site for the Black Friday weekend! Monitor your uptime status.
Visa have reported a new security alert for an advanced, self-cleaning, JavaScript skimmer named Pipka. The security researchers at Visa’s Payment Fraud Disruptions (PFD) discovered the skimmer in September earlier this year. The skimmer was first seen on a North American ecommerce website which had previously been infected with a different skimmer, Inter. Visa have now identified another 16 additional sites with hosting the Pipka code.
The threat of your customers being attacked directly on the client-side is more real today than ever before. Magecart are knocking on everybody’s door – you, your 3rd parties, and even their 4th parties. This is happening continuously, with Magecart looking for opportunities to steal your valuable data for sale on the dark web. It’s a complex and ever-changing problem. So what stage are you at in the customer hacking lifecycle?
October brings Halloween and National Cybersecurity Awareness Month, however, it has also been one of the scariest months for Magecart attack discoveries! Here’s the latest news on Magecart and other website attacks, with insights from our own Security Researcher!
Cookie consent banners and popups are a little like that annoying friend who turns up at your house unannounced when you’re trying to do the washing, asks too many questions and is tricky to get to leave. They’ve also brought their 3 year old with them who’s favourite past time is to pull on your dog’s tail and stare at their private parts. Unlike such visitors, cookie consent banners can be prevented in your synthetic user journeys if you know how.
Data theft or data skimming is not a new problem, it has probably been happening since the birth of the paper form. Today is no different, it is still around and happening on a much wider scale, leveraging the internet and the proliferation of online shopping. A popular modern tactic for data skimming is called formjacking. Not heard of it? Formjacking enables organised criminals to steal sensitive customer data as it is entered into an ecommerce shop. To the end user, this process is invisible.
Performance and security are the lifeblood of an e-commerce website. The moment pages start to slow down, or your customers fear their data may be at risk, is the moment your business starts to fail. This post is the second in a series of three that will explore the key tools every ecommerce site needs running 24/7.
